1. Field of the Invention
The present invention relates to techniques for enhancing file system security. More specifically, the present invention relates to a technique for encrypting and decrypting files within a file system, wherein the technique uses a tamper-resistant module to perform encryption and decryption operations.
2. Related Art
Confidential data which resides on a file system can often be compromised by an attacker having physical access to the computer on which the file system resides, or by an attacker exploiting a security flaw in the file system. It can be extremely difficult to ensure that there are no exploitable flaws in a file system because modern file systems typically contain hundreds of thousands, or even millions of lines of code. Even if the file system itself is not flawed, the data on the file system still needs to be protected against someone who breaks into the computer system or who obtains physical access to the storage device upon which the files are stored. For example, an intruder could steal the hard drive and attach it to another computer running the same file system to obtain access to the files. Fortunately, such attacks can be effectively prevented by encrypting data at the file system level.
In an encrypted file system where encryption is done at the file system, the file system is typically entrusted to open any file. For example, the file system can maintain a set of master secrets, wherein each of the master secrets can lock/unlock many files. However, if a master secret is compromised by a malicious process, a large number of encrypted files can be compromised. Hence, it is desirable to keep master secrets in a safer place instead of on the file system itself, so that they cannot be stolen.
However, even if the master secrets are safely maintained outside of the file system, they are still vulnerable when they are used to access the files. For example, a master secret which is maintained outside of the file system may have to be sent to the file system to encrypt/decrypt files. Hence, an attacker can constantly monitor the file system, and can attack the file system when the master secret is being used by the file system.
Hence, what is needed is a method and an apparatus for securely accessing files through a file system without the above-described problems.